Details
-
Bug
-
Status: Closed (View Workflow)
-
Minor
-
Resolution: Fixed
-
None
-
Jenkins 2.118, rocketchat 1.2.0,
Description
I've configured rocketchat notifier with the option "Trust Server Certificate" set, and the test connection works, giving the message
"you're all set on [domain]" in my rocket chat channel.
I've configured the rocketchat plugin for the build in question and checked to be notified on all event types, however no message is received and in the logs there is the message:
"Could not send rocket message"
I updated the relevant log message to include the actual error, and reloaded the plugin which now gives:
Build completed. Checking for rocket notifiers
May 04, 2018 9:00:14 AM INFO jenkins.plugins.rocketchatnotifier.ActiveNotifier completed
Could not send rocket message: Please check if the server API domain:2015/api/v1/login is correct: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
It appears that the test is not checking for a certificate, but to actually send a message it still is.
Attachments
Activity
Julian Di Leonardo
added a comment - Still hitting this
Jul 05, 2018 11:18:44 AM INFO jenkins.plugins.rocketchatnotifier.RocketChatNotifier prebuild Invoking Started... Jul 05, 2018 11:18:44 AM INFO jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl Creating new instance for rocket https://myrocketchatinternalwebsite.com (trustSSL: false) Jul 05, 2018 11:18:44 AM SEVERE jenkins.plugins.rocketchatnotifier.RocketClientWebhookImpl publish I/O error error during publishing message sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
Julian Di Leonardo
added a comment - Still hitting this
Jul 05 , 2018 11 : 18 : 44 AM INFO jenkins.plugins.rocketchatnotifier.RocketChatNotifier prebuild Invoking Started... Jul 05 , 2018 11 : 18 : 44 AM INFO jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl Creating new instance for rocket https: //myrocketchatinternalwebsite.com (trustSSL: false) Jul 05 , 2018 11 : 18 : 44 AM SEVERE jenkins.plugins.rocketchatnotifier.RocketClientWebhookImpl publish I/O error error during publishing message sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java: 141 ) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java: 126 ) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java: 280 ) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java: 382 ) Julian Di Leonardo
added a comment - ping mreinhardt sorry, but having no idea why it's not working and dont have time to investigate further ...
I have also recently encountered this bug. Happens with a self-hosted rocketchat instance with a self-signed cert. A workaround is to import the cert into the java keystore on the jenkins host, but it does seem like the "Trust server certificate" setting is not honoured for jobs, only for test connections.,
Lasse Lindqvist
added a comment - Maybe because trustSSL is used only in one branch here? https://github.com/jenkinsci/rocketchatnotifier-plugin/blob/develop/src/main/java/jenkins/plugins/rocketchatnotifier/rocket/RocketChatClientCallBuilder.java#L95
Lasse Lindqvist
added a comment - Maybe because trustSSL is used only in one branch here? https://github.com/jenkinsci/rocketchatnotifier-plugin/blob/develop/src/main/java/jenkins/plugins/rocketchatnotifier/rocket/RocketChatClientCallBuilder.java#L95
that's wrong, it's also in the master: https://github.com/jenkinsci/rocketchatnotifier-plugin/blob/master/src/main/java/jenkins/plugins/rocketchatnotifier/rocket/RocketChatClientCallBuilder.java#L96
Lasse Lindqvist
added a comment - Sorry, I was a bit unclear. What I meant was that for example https://github.com/jenkinsci/rocketchatnotifier-plugin/blob/master/src/main/java/jenkins/plugins/rocketchatnotifier/rocket/RocketChatClientCallBuilder.java#L89
Unirest.setHttpClient(clientBuilder.build());
does not seem to be using the parameter.
Lasse Lindqvist
added a comment - Sorry, I was a bit unclear. What I meant was that for example https://github.com/jenkinsci/rocketchatnotifier-plugin/blob/master/src/main/java/jenkins/plugins/rocketchatnotifier/rocket/RocketChatClientCallBuilder.java#L89
Unirest.setHttpClient(clientBuilder.build());
does not seem to be using the parameter. 
Konstantin Titor
added a comment - mark_hardwick how do you updated the relevant log message to include the actual error ? Because at the moment I have the same error "Could not send rocket message" in jenkins log without additional information.
PLugin version 1.3.2
Konstantin Titor
added a comment - mark_hardwick how do you updated the relevant log message to include the actual error ? Because at the moment I have the same error "Could not send rocket message" in jenkins log without additional information.
PLugin version 1.3.2 Konstantin Titor
added a comment - I've reopened this issue because I have the same error with the latest version of Jenkins and Rocket.Chat plugin
Konstantin Titor
added a comment - I've reopened this issue because I have the same error with the latest version of Jenkins and Rocket.Chat plugin We have the same issue in 1.4.1.
With an HTTPS instance of Rocket Chat with a self-signed certificate and with username/password auth (not webhook token).
"Test Connection" is fine with "Trust Server Certificate" checked.
But with the build notifier fails.
Build completed. Checking for rocket notifiers
janv. 28, 2019 2:49:44 PM INFOS jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl
Creating new instance for rocket https://rocket****** (trustSSL: false)
janv. 28, 2019 2:49:44 PM GRAVE jenkins.plugins.rocketchatnotifier.RocketClientWebhookImpl publish
I/O error error during publishing message sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) Caused: sun.security.validator.ValidatorException: PKIX path building failed at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460) Caused: javax.net.ssl.SSLHandshakeException at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) at com.mashape.unirest.http.HttpClientHelper.request(HttpClientHelper.java:138) Caused: com.mashape.unirest.http.exceptions.UnirestException at com.mashape.unirest.http.HttpClientHelper.request(HttpClientHelper.java:143) at com.mashape.unirest.request.BaseRequest.asString(BaseRequest.java:56) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildGetCall(RocketChatClientCallBuilder.java:148) Caused: jenkins.plugins.rocketchatnotifier.rocket.errorhandling.RocketClientException at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildGetCall(RocketChatClientCallBuilder.java:150) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildCall(RocketChatClientCallBuilder.java:126) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildCall(RocketChatClientCallBuilder.java:111) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.getInfo(RocketChatClientImpl.java:101) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.sendSingleMessage(RocketChatClientImpl.java:151) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.send(RocketChatClientImpl.java:130) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.send(RocketChatClientImpl.java:123) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.send(RocketChatClientImpl.java:117) at jenkins.plugins.rocketchatnotifier.RocketClientWebhookImpl.publish(RocketClientWebhookImpl.java:37) at jenkins.plugins.rocketchatnotifier.ActiveNotifier.completed(ActiveNotifier.java:114) at jenkins.plugins.rocketchatnotifier.RocketChatNotifier.perform(RocketChatNotifier.java:367) at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:736) at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:682) at hudson.model.Build$BuildExecution.post2(Build.java:186) at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:627) at hudson.model.Run.execute(Run.java:1762) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:97) at hudson.model.Executor.run(Executor.java:421)
Gaël Barbier
added a comment - - edited We have the same issue in 1.4.1.
With an HTTPS instance of Rocket Chat with a self-signed certificate and with username/password auth (not webhook token).
"Test Connection" is fine with "Trust Server Certificate" checked.
But with the build notifier fails.
Build completed. Checking for rocket notifiers
janv. 28, 2019 2:49:44 PM INFOS jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl
Creating new instance for rocket https://rocket****** (trustSSL: false)
janv. 28, 2019 2:49:44 PM GRAVE jenkins.plugins.rocketchatnotifier.RocketClientWebhookImpl publish
I/O error error during publishing message sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) Caused: sun.security.validator.ValidatorException: PKIX path building failed at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460) Caused: javax.net.ssl.SSLHandshakeException at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) at com.mashape.unirest.http.HttpClientHelper.request(HttpClientHelper.java:138) Caused: com.mashape.unirest.http.exceptions.UnirestException at com.mashape.unirest.http.HttpClientHelper.request(HttpClientHelper.java:143) at com.mashape.unirest.request.BaseRequest.asString(BaseRequest.java:56) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildGetCall(RocketChatClientCallBuilder.java:148) Caused: jenkins.plugins.rocketchatnotifier.rocket.errorhandling.RocketClientException at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildGetCall(RocketChatClientCallBuilder.java:150) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildCall(RocketChatClientCallBuilder.java:126) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientCallBuilder.buildCall(RocketChatClientCallBuilder.java:111) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.getInfo(RocketChatClientImpl.java:101) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.sendSingleMessage(RocketChatClientImpl.java:151) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.send(RocketChatClientImpl.java:130) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.send(RocketChatClientImpl.java:123) at jenkins.plugins.rocketchatnotifier.rocket.RocketChatClientImpl.send(RocketChatClientImpl.java:117) at jenkins.plugins.rocketchatnotifier.RocketClientWebhookImpl.publish(RocketClientWebhookImpl.java:37) at jenkins.plugins.rocketchatnotifier.ActiveNotifier.completed(ActiveNotifier.java:114) at jenkins.plugins.rocketchatnotifier.RocketChatNotifier.perform(RocketChatNotifier.java:367) at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:736) at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:682) at hudson.model.Build$BuildExecution.post2(Build.java:186) at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:627) at hudson.model.Run.execute(Run.java:1762) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:97) at hudson.model.Executor.run(Executor.java:421) and the logs says you have trustSSL disabled so any self-signed cert will not get through
the next release will have some more logging methods. Post logs back once new version is released